We Recommend

My Discussions

Native Client (NaCl)

Native Client, abbreviated NaCl, is an experimental browser plugin that is intended to support secure execution of arbitrary native code in Web applications. The plugin provides a Web-embeddable sandboxed runtime environment for portable binaries. NaCl makes it possible for developers to implement performance-sensitive functionality in Web applications with native code. It provides a bridge for enabling communication between JavaScript in a webpage and NaCl executables.

When Google first launched NaCl in 2008, the technology initially only supported the x86 architecture. It has since been expanded with 64-bit support and experimental support for ARM. Google opened the source code of the plugin implementation with the hope that broader exposure would make it easier to identify potential security flaws in the plugin's sophisticated sandboxing scheme.

Google also released a GCC-based toolchain for compiling NaCl-compatible binaries. The process of porting C code to run on NaCl is said to be relatively straightforward. Google successfully ported an H.264 encoder and the classic first-person shooter game Quake to NaCl and demonstrated their use in the browser.

Close scrutiny by the security research community helped to unearth several minor NaCl sandboxing flaws that have since been fixed.